CVE-2023-31143: [dy] Fix terminal user authentication (#2586) · mage-ai/mage-ai@f63cd00

mage-ai is an open-source data pipeline tool for transforming and integrating data. Mage versions from 0.8.34 up to, but not including, 0.8.72 are affected when user authentication is enabled: the terminal could be accessed by users who were not signed in or who lacked editor permissions. Version 0.8.72 contains a fix for this issue.

Source: CVE
Tags: #vulnerability #web #js #oracle #oauth #auth

@@ -1,6 +1,7 @@ import Ansi from 'ansi-to-react’; import { useCallback, useEffect, useMemo, useRef, useState } from 'react’;
import AuthToken from '@api/utils/AuthToken’; import ClickOutside from '@oracle/components/ClickOutside’; import Text from '@oracle/elements/Text’; import { Expand All @@ -26,6 +27,7 @@ import { KEY_CODE_META, KEY_CODE_V, } from '@utils/hooks/keyboardShortcuts/constants’; import { OAUTH2_APPLICATION_CLIENT_ID } from '@api/constants’; import { onlyKeysPresent } from '@utils/hooks/keyboardShortcuts/utils’; import { pauseEvent } from '@utils/events’; import { useKeyboardContext } from '@context/Keyboard’; Expand Down Expand Up @@ -58,6 +60,14 @@ function Terminal({
const [stdout, setStdout] = useState<string>();
const token = useMemo(() => new AuthToken(), []); const oauthWebsocketData = useMemo(() => ({ api_key: OAUTH2_APPLICATION_CLIENT_ID, token: token.decodedToken.token, }), [ token, ]);
useEffect(() => { if (lastMessage) { const msg = JSON.parse(lastMessage.data); Expand Down Expand Up @@ -122,12 +132,10 @@ function Terminal({ }, [command]);
const sendCommand = useCallback((cmd) => { sendMessage(JSON.stringify([ 'stdin’, cmd, ])); sendMessage(JSON.stringify([ 'stdin’, '\r’, ])); sendMessage(JSON.stringify({ …oauthWebsocketData, command: ['stdin’, cmd + ‘\r’], })); if (cmd?.length >= 2) { setCommandIndex(commandHistory.length + 1); setCommandHistory(prev => prev.concat(cmd)); Expand Down Expand Up @@ -174,12 +182,14 @@ function Terminal({ pauseEvent(event); if (onlyKeysPresent([KEY_CODE_CONTROL, KEY_CODE_C], keyMapping)) { if (command?.length >= 0) { sendMessage(JSON.stringify([ 'stdin’, command, ])); sendMessage(JSON.stringify([ 'stdin’, '\x03’, ])); sendMessage(JSON.stringify({ …oauthWebsocketData, command: ['stdin’, command], })); sendMessage(JSON.stringify({ …oauthWebsocketData, command: ['stdin’, ‘\x03’], })); setCursorIndex(0); } setCommand(‘’); Expand Down
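Review bot: the authorization gate this change depends on is not visible in these hunks; the patched `Terminal` component only attaches `api_key: OAUTH2_APPLICATION_CLIENT_ID` and `token: token.decodedToken.token` to every outgoing frame, so the fix is only effective if the websocket handler on the server validates that token on each message, checks editor permission, and also refuses the old bare-array form `['stdin', cmd]` that the removed `sendMessage(JSON.stringify([ 'stdin', cmd ]))` calls used to send. Confirm that server-side check lands in the same release. Two smaller points: `token.decodedToken.token` inside the `useMemo` will throw if `decodedToken` is undefined for a visitor who is not signed in, so `token.decodedToken?.token` (or an early return that disables the terminal) gives a clean failure instead of a crash; and because `new AuthToken()` is memoized with `[]` and `oauthWebsocketData` depends only on that object, a token refreshed after login or expiry is not picked up until the component remounts.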

Related news

GHSA-c6mm-2g84-v4m7: Mage-ai missing user authentication

### Impact

You may be impacted if you're using Mage with user authentication enabled. The terminal could be accessed by users who are not signed in or do not have editor permissions.

### Patches

The vulnerability has been resolved in Mage version 0.8.72.
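The check that both the headline description and the advisory above call for is a server-side one: every frame arriving on the terminal websocket must carry a valid session token and the sending user must hold editor permission before anything is forwarded to the shell. The following is an added example of such a gate, not code from the mage-ai project; the `SESSIONS` table, `EXPECTED_API_KEY`, `build_frame` helper and `authorize_terminal_message` function are hypothetical names, and the two sessions are constructed sample data.

```python
import json
from dataclasses import dataclass
from typing import Optional

# Constructed data for the example. A real server would consult its auth
# backend (and check expiry); these two sessions are hypothetical.
SESSIONS = {
    "tok-editor": ("alice", "editor"),
    "tok-viewer": ("bob", "viewer"),
}
# Hypothetical stand-in for the client id the patched UI sends as `api_key`.
EXPECTED_API_KEY = "terminal-ui-client"


@dataclass
class Decision:
    """Outcome of vetting one inbound frame."""
    allowed: bool
    reason: str
    stdin: Optional[str] = None  # text to forward to the shell, if allowed


def build_frame(token: Optional[str], cmd: str, api_key: str = EXPECTED_API_KEY) -> str:
    """Build a frame in the shape the patched client sends (hypothetical helper)."""
    frame = {"api_key": api_key, "command": ["stdin", cmd]}
    if token is not None:
        frame["token"] = token
    return json.dumps(frame)


def authorize_terminal_message(raw: str, api_key: str = EXPECTED_API_KEY) -> Decision:
    """Decide whether one websocket frame may reach the terminal process.

    Every frame is checked independently: a socket opened without
    credentials, or whose session was later revoked, never gets a shell.
    """
    try:
        msg = json.loads(raw)
    except json.JSONDecodeError:
        return Decision(False, "malformed frame")

    # Pre-fix frames were bare arrays such as ["stdin", "id"]. They carry no
    # identity at all, so they are refused instead of executed.
    if not isinstance(msg, dict):
        return Decision(False, "unauthenticated legacy frame")

    if msg.get("api_key") != api_key:
        return Decision(False, "unknown client")

    token = msg.get("token")
    session = SESSIONS.get(token) if isinstance(token, str) else None
    if session is None:
        return Decision(False, "not signed in")

    user, role = session
    if role != "editor":
        return Decision(False, f"{user} lacks editor permission")

    command = msg.get("command")
    if (
        not isinstance(command, list)
        or len(command) != 2
        or command[0] != "stdin"
        or not isinstance(command[1], str)
    ):
        return Decision(False, "bad command shape")

    return Decision(True, f"{user} authorized", stdin=command[1])


if __name__ == "__main__":
    # Constructed frames: one legacy array, one anonymous, one viewer, one editor.
    for raw in (
        '["stdin", "id\\r"]',
        build_frame(None, "id\r"),
        build_frame("tok-viewer", "id\r"),
        build_frame("tok-editor", "id\r"),
    ):
        d = authorize_terminal_message(raw)
        print(f"{'ALLOW' if d.allowed else 'DENY ':5} {d.reason}")
```

Checking each frame rather than only the handshake is what the client change enables by spreading the token into every message; the corresponding caveat is that the server must treat a missing, unknown or non-editor token on any single frame as a hard deny, and must never execute a frame just because the socket was already open.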
